From 805969ec63f22303d89a25dd8aa23d54dc65bf73 Mon Sep 17 00:00:00 2001
From: Fernando Fernandez Mancera <ffmancera@riseup.net>
Date: Mon, 9 Sep 2019 21:52:47 +0200
Subject: netlink_delinearize: fix wrong conversion to "list" in ct mark

We only prefer "list" representation in "ct event". For any other type of "ct"
use the "or" representation so nft prints "ct mark set ct mark | 0x00000001"
instead of "ct mark set ct mark,0x00000001".

Link: https://bugzilla.netfilter.org/show_bug.cgi?id=1364
Fixes: cb8f81ac3079 ("netlink_delinearize: prefer ct event set foo,bar over 'set foo|bar'")
Signed-off-by: Fernando Fernandez Mancera <ffmancera@riseup.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 src/netlink_delinearize.c | 3 ++-
 tests/py/any/ct.t         | 1 +
 tests/py/any/ct.t.payload | 6 ++++++
 3 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/src/netlink_delinearize.c b/src/netlink_delinearize.c
index fc2574b1..f7d328a8 100644
--- a/src/netlink_delinearize.c
+++ b/src/netlink_delinearize.c
@@ -2550,7 +2550,8 @@ static void rule_parse_postprocess(struct netlink_parse_ctx *ctx, struct rule *r
 			if (stmt->ct.expr != NULL) {
 				expr_postprocess(&rctx, &stmt->ct.expr);
 
-				if (stmt->ct.expr->etype == EXPR_BINOP)
+				if (stmt->ct.expr->etype == EXPR_BINOP &&
+				    stmt->ct.key == NFT_CT_EVENTMASK)
 					stmt->ct.expr = binop_tree_to_list(NULL,
 									   stmt->ct.expr);
 			}
diff --git a/tests/py/any/ct.t b/tests/py/any/ct.t
index 267eca1a..ebc08644 100644
--- a/tests/py/any/ct.t
+++ b/tests/py/any/ct.t
@@ -38,6 +38,7 @@ ct mark and 0x23 == 0x11;ok;ct mark & 0x00000023 == 0x00000011
 ct mark and 0x3 != 0x1;ok;ct mark & 0x00000003 != 0x00000001
 ct mark xor 0x23 == 0x11;ok;ct mark 0x00000032
 ct mark xor 0x3 != 0x1;ok;ct mark != 0x00000002
+ct mark set ct mark or 0x00000001;ok;ct mark set ct mark | 0x00000001
 
 ct mark 0x00000032;ok
 ct mark != 0x00000032;ok
diff --git a/tests/py/any/ct.t.payload b/tests/py/any/ct.t.payload
index 86ac81cd..bdc6a70e 100644
--- a/tests/py/any/ct.t.payload
+++ b/tests/py/any/ct.t.payload
@@ -493,3 +493,9 @@ ip test-ip4 output
   [ ct load mark => reg 9 ]
   [ lookup reg 1 set __map%d dreg 0 ]
 
+# ct mark set ct mark or 0x00000001
+ip test-ip4 output
+  [ ct load mark => reg 1 ]
+  [ bitwise reg 1 = (reg=1 & 0xfffffffe ) ^ 0x00000001 ]
+  [ ct set mark with reg 1 ]
+
-- 
cgit v1.2.3